An issue exists in PHP 7.3.x prior to 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
netapp storage automation store - |